The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The growth in use of mobile phones to communicate and access sensitive resources drives the research of new approaches for protecting smartphones from all the possible attacks deriving from malicious software. Moreover, the continuous emerging of new and sophisticated malware makes current solutions to protect mobile phones inadequate shortly after being implemented. In this paper a new approach for...
Malicious Android applications are currently the biggest threat in the scope of mobile security. To cope with their exponential growth and with their deceptive and hideous behaviors, static analysis signature based approaches are not enough to timely detect and tackle brand new threats such as polymorphic and composition malware. This work presents BRIDEMAID, a novel framework for analysis of Android...
Mobile phones are more and more used for sensitive resources exchange and access, becoming target for possible malware attacks. These attacks are still increasing with the birth of new and sophisticated malware that make the existing malware detection approaches often inadequate. Since the majority of new malware are generated using existing malicious code, it becomes very important tracking the mobile...
Android is currently the most widely used mobile environment. This trend encourages malware writers to develop specific attacks targeting this platform with threats designed to covertly collect data or financially extort victims, the so-called ransomware. In this paper we use formal methods, in particular model checking, to automatically dissect ransomware samples. Starting from manual inspection...
The rapid growth in smartphone and tablet usage over the last years has led to the inevitable rise in targeting of these devices by cyber-criminals. The exponential growth of Android devices, and the buoyant and largely unregulated Android app market, produced a sharp rise in malware targeting that platform. Furthermore, malware writers have been developing detection-evasion techniques which rapidly...
While mobile devices have become more pervasive every day, the interest in them from attackers has also been increasing, making effective malware detection tools of ultimate importance for malware investigation and user protection. Most informative malware identification techniques are the ones that are able to identify where the malicious behavior is located in applications. In this way, better understanding...
Smartphones are becoming more and more popular and, as a consequence, malware writers are increasingly engaged to develop new threats and propagate them through official and third-party markets. In addition to the propagation vectors, malware is also evolving quickly the techniques adopted for infecting victims and hiding their malicious nature to antimalware scanning. From SMS Trojans to legitimate...
Mobile malware has grown in scale and complexity, as a consequence of the unabated uptake of smartphones worldwide. Malware writers have been developing detection evasion techniques which are rapidly making anti-malware technologies uneffective. In particular, zero-days malware is able to easily pass signature based detection, while dynamic analysis based techniques, which could be more accurate and...
Android smartphones are the most widespread in the world. This is the reason why attackers write code more and more aggressive in order to steal data and other important information stored in the phone. One of the most representative malware that implements the typical trojan behaviour in Android environment is the so-called Fake Installer. In this paper we use formal methods, in particular model...
With the wide diffusion of smartphones and their usage in a plethora of processes and activities, these devices have been handling an increasing variety of sensitive resources. Attackers are hence producing a large number of malware applications for Android (the most spread mobile platform), often by slightly modifying existing applications, which results in malware being organized in families. Some...
We present a novel model of malware for Android, named composition-malware, which consists of composing fragments of code hosted on different and scattered locations at run time. An key feature of the model is that the malicious behavior could dynamically change and the payload could be activated under logic or temporal conditions. These characteristics allow a malware written according to this model...
Android malware is increasingly growing interms of complexity. In order to evade signature-baseddetection, which represents the most adopted technique bycurrent antimalware vendors, malware writers begin todeploy malware with the ability to change their code as theypropagate.In this paper, our aim is to evaluate the robustness of Androidantimalware tools when various evasion techniques are usedto...
Malware for smart phones is rapidly spreading out. This paper proposes a method for detecting malware based on three metrics, which evaluate: the occurrences of a specific subset of system calls, a weighted sum of a subset of permissions that the application required, and a set of combinations of permissions. The experimentation carried out suggests that these metrics are promising in detecting malware,...
Data, especially in large item sets, hide a wealth of information on the processes that have created and modified them. Often, a data-field or a set of data-fields are not modified only through well-defined processes, but also through latent processes; without the knowledge of the second type of processes, testing cannot be considered exhaustive. As a matter of fact, changes in the data deriving from...
We have developed a platform named Advanced Test Environment (ATE) for supporting the design and the automatic execution of UX tests for applications running on Android smart phones. The platform collects objective metrics used to estimate the UX. In this paper, we investigate the extent that the metrics captured by ATE are able to approximate the results that are obtained from UX testing with real...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.